7ce69c0f685bfe3e77540e805207c0072b4958ce1227192f86d26de7205afa94

Sharing

Copy URL

Twitter E-mail

General

Target

7ce69c0f685bfe3e77540e805207c0072b4958ce1227192f86d26de7205afa94
Size

644KB
MD5

937e5baf353434971f8f1fa7f42ffa20
SHA1

43fe5b90096a21f25589994634cdf1f55d68ae4c
SHA256

7ce69c0f685bfe3e77540e805207c0072b4958ce1227192f86d26de7205afa94
SHA512

347ed5c34d37530543f216098c4efdc69717b3bb29177fe3aed7d7395419dd071f8219cc24b604abf6d76672f7f031cf8529729b75c12e898988a5fb4ba04b38
SSDEEP

12288:fxv49c4u17uWo25MptAFO4v1H4yUP70oqYhY/XkoN6gb9QVgIffMKQZE1j3r+:N49MMTnpiF/HNjnggb9Q5cJS3r+

Score

N/A

Malware Config

Signatures

Files

7ce69c0f685bfe3e77540e805207c0072b4958ce1227192f86d26de7205afa94
.exe windows x86

fe7a163dd18f370e44130b2c5ea856db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

uxtheme

GetWindowTheme
CloseThemeData
GetThemeTextExtent
GetThemeBackgroundContentRect
GetThemeRect
GetThemePartSize
GetThemeSysColor
GetThemeBackgroundRegion
OpenThemeData
GetThemeAppProperties
DrawThemeText
IsThemeBackgroundPartiallyTransparent
IsThemePartDefined
GetCurrentThemeName
GetThemeFont
GetThemeBackgroundExtent
DrawThemeBackground
IsThemeActive
GetThemeColor

msvcrt

fwprintf
time
labs
_ismbcalpha
_mbschr
__p___initenv
?name@type_info@@QBEPBDXZ
mbtowc
vprintf
_wcsnicmp
_filelengthi64
_getpid
_wtempnam
_assert
??2@YAPAXI@Z
??0exception@@QAE@ABQBD@Z
_ismbcalnum
isalpha
_write
iswalnum
clearerr
__p__fmode
_wcsdup

advapi32

LookupAccountSidA
LsaEnumerateAccountRights
SystemFunction036
GetKernelObjectSecurity
AddAccessDeniedObjectAce
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSidSubAuthorityCount
GetUserNameW
LsaCreateSecret
IsValidSid
RegReplaceKeyA
BuildSecurityDescriptorW
CopySid
LsaClose
LookupAccountSidW
CryptGetUserKey
LsaGetUserName
BackupEventLogW
RegisterEventSourceA
RegQueryInfoKeyW
WmiCloseBlock
AccessCheck
OpenServiceA
GetSidSubAuthority
SystemFunction035
RegCloseKey
LsaSetDomainInformationPolicy
MakeAbsoluteSD
CryptEncrypt
CheckTokenMembership
RegQueryMultipleValuesA
BuildTrusteeWithSidW
CreateProcessAsUserA
LsaICLookupNames
InitializeAcl
TraceEvent
QueryServiceLockStatusW
CryptHashData
CreateRestrictedToken
PrivilegeCheck
AddAuditAccessObjectAce
IsTokenRestricted
EnumDependentServicesA
EncryptFileW
LsaOpenAccount
RegQueryValueA
CloseTrace
WmiDevInstToInstanceNameW
GetServiceKeyNameW
GetNamedSecurityInfoA
SetThreadToken
RegSetValueExW
AccessCheckByType
RegEnumKeyA
RegQueryMultipleValuesW
CryptGenRandom
InitiateSystemShutdownW
RegCreateKeyExW
GetNumberOfEventLogRecords
GetNamedSecurityInfoW
QueryServiceLockStatusA
CreateWellKnownSid
GetCurrentHwProfileA
LsaLookupNames

msacm32

acmFormatTagDetailsW
acmFormatDetailsW
acmDriverOpen
acmFormatChooseW
acmStreamConvert
acmGetVersion
acmStreamPrepareHeader
acmStreamUnprepareHeader
acmStreamSize
acmStreamOpen
acmStreamClose
acmFormatSuggest
acmDriverEnum
acmMetrics
acmDriverClose

odbc32

SQLBrowseConnectA
ValidateErrorQueue
VRetrieveDriverErrorsRowCol
SearchStatusCode
LockHandle
CursorLibLockDbc
VFreeErrors
PostODBCComponentError
CursorLibLockStmt
CursorLibTransact
CursorLibLockDesc
PostODBCError

kernel32

VirtualAlloc
InterlockedIncrement
GetConsoleScreenBufferInfo
GlobalHandle
GenerateConsoleCtrlEvent
WriteProfileSectionW
PostQueuedCompletionStatus
ReadConsoleA
VirtualQueryEx
FoldStringW
EraseTape
PeekConsoleInputA
CreateMutexW
GetPrivateProfileSectionNamesA
DeleteCriticalSection
CreateWaitableTimerW

Sections

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 349KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 74KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe7a163dd18f370e44130b2c5ea856db

Headers

DLL Characteristics

File Characteristics

Imports

uxtheme

msvcrt

advapi32

msacm32

odbc32

kernel32

Sections

.data Size: 6KB - Virtual size: 5KB

.text Size: 14KB - Virtual size: 275KB

.rdata Size: 156KB - Virtual size: 236KB

.bss Size: 349KB - Virtual size: 435KB

INIT Size: 74KB - Virtual size: 166KB

.rsrc Size: 43KB - Virtual size: 42KB

.reloc Size: 1024B - Virtual size: 170B

.data
Size: 6KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 275KB

.rdata
Size: 156KB - Virtual size: 236KB

.bss
Size: 349KB - Virtual size: 435KB

INIT
Size: 74KB - Virtual size: 166KB

.rsrc
Size: 43KB - Virtual size: 42KB

.reloc
Size: 1024B - Virtual size: 170B